Are there any particular features that you particularly want uTorrent for, or are you just wanting it because you are already familiar with it in a Winwos environment?
There are a great many Linux native clients you could chose from and while many are text based (which might not be your cup of tea), such as the excellent rtorrent which I tend to use, there are quite a few that are GUI based, of which deluge seems very popular, or are GUI wrappers for working with text based clients (there are several such wrappers for the basic clients, and for recent rtorrent versions too.
Some offer web-based interfaces too, which some find handy if they download to an external machine to reduce the impact on bandwidth quotas and traffic shaping that may be imposed by their ISP.
See this page for a list of clients that you might want to look into.
Maybe this is a pipe dream, but I'd like to see a social networking website where every object (post, movie, file) was considered an object, and each object had security ACLs, similar to how every filesystem object.
That would never get implemented as it would confuse the hell out of the common denominator. And you can't just ask the common denominator to not mess with it because if it is there they'll click around even if they don't know what it is, and then file an angry support mail asking why the system won't let Aunt Mable see their latest bady pictures.
And for my part, I'm paranoid enough not to have anything at all sensitive there.
The best strategy of all - Never post anything in a massively public system that you don't want to be public.:-)
"Not at all sensitive" == "I'm happy for it to be publicly known"
I actually have virtually nothing on there - I use it mainly for IM (as there are more people I know on there than any other system) and small offline messages (as I find email to be less reliable in some cases), and even then I'm careful what I send.
Oh, I know that. But even if they give out that access to their information I still don't feel I have the right to grant that access. Maybe one of these days some fool will put something sensitive there - f they do it won't be me that give access to the world at large.
And for my part, I'm paranoid enough not to have anything at all sensitive there. The only thing I have reservations about is the word "friend" linking me and one or two of my acquaintances (friends of friends and wayward family members) that I'm linked to on there!
Problem is that you don't need to give them your info. All your "friends" who take dumb-ass surveys like "Which Star Wars character are you?" are giving away your info for you.
Which is why I never let any app/quiz/anything have that access.
I know that all my contacts allow the access wily-nilly so their info is already pretty much "out there", and I know that there is nothing on there (including no links to people I don't want to be publicly linked to) I care about being made completely public (so I don't mind my contacts taking part). But I'm old fashioned enough to think that I have no right to give someone access to someone else's information despite the above.
I'll not diagree there. A phishing attempt might get hold of a private key and pass-phrase as easily as it would an account number and password. The humans are always the weakest link in any well designed system.
<hat material="tin foil">Yeah, because warrantless searches never happen.</hat>
Not that I care personally. The worst any officer of the law will find in my email is some bad taste jokes that might step over generally accepted lines and a few porn references, and if they are going to make something up they can do that without actually looking.
But mail encryption is about much more than law enforcement (I know we are straying away from the original article's point here - feel free to mod "off topic") - it is a much more general solution to potential privacy/secrecy issues both for individuals and commercial entities.
As a bit of an aside, does it matter if you try to make the data private via encryption?
There could be an interesting relationship here: If you claim (probably rightfully) that you own the copyright to the 'content' in question, and encrypt it, does this mean that it would be unlawful for anyone to try and decrypt it under the DMCA?
Yes (if the mail does not ever leave territories where the DMCA is officially respected). Even if you used something daft like ROT13. But we don't want to go lending credence to bad laws that way, and IIRC there are exceptions in that law (intended to pertain only to very specific law enforcement or national security activity, but which are no doubt easily bendable to justify even less desirable snooping too) that could render your copyright violation point officially irrelevant in a court of law (and completely irrelevant if the information has somehow become public anyway - depending on the sensitivity of the information it is likely that no end of legal action will rectify the damage done by its capture and release).
The mail still has to transit through the other party's mail server(s), and possibly a few hops in between any of which could potentially store, and later forward or try read, the data.
My pet concept is the job of key generation, trust, and management should be handled by banks. After all, we all trust the banks with our money already.
Who is this "we" of which you speak? I can tell you that I only "trust" banks with my money because the only other option (under my mattress where it could be lost due to fire or burglar) is less safe and would earn even less interest that way than it does already. Even though I don't have a lot of money (only my emergency fund, a couple of grand in other savings, and the general float that lives in an instant access current account) I've already started splitting what I have between banks in case of customer service issues (if one bank fucks up and I can't get at some cash when I need it, I've got some in the other current account to draw from until I bash heads together to get the problem sorted) or worse (bank goes under just when I need that emergency fund, I'm not stuck waiting for the government's capital guarantee plan to pay out before I can draw a penny unless all my banks go under at the same time).
Getting back on topic for a moment, you can cover this with a combination of public key encryption and some form of key/identity verification that doesn't rely on a bank. And this issue isn't really about key validation anyway, it is about ISP snooping. If I were to send a message to you encrypted with your public key, even though I can not be 100% sure the key came from you I can be pretty sure it didn't come from my ISP and probably almost as sure (depending on where I got the key from, of course) it didn't come from yours so the chance of my ISP or yours or someone in between having the private half needed to read the message is very small. And for circumstances where you need that extra verification that the key is valid for the individual and that the individual I am talking to is the one I think it is, well then you'd have to arrange some sort of key verification either physically, electronically (if we were both online at the same time, and convinced by some code or other means that we are the right people, we could setup a trusted secure link using an online key exchange protocol like Diffie-Hellman and verify our public keys to each other over that), or via a third party that we both already trust (or a potentially a short string of third parties). If I am paranoid enough to need to thoroughly verify your public key before using it to send something to you, I would be paranoid enough not to trust a central agency like a bank, especially your bank who I would probably trust less than I would trust one I already do business with.
The reason encrypted mail has not taken off is not the lack of central verification methods, it is the fact that it isn't completely seamless and the general public, even the business community, are not generally worried enough about these things (whether they should be or not) to care to make the slightest little bit of extra effort. And for the most part they are not wrong. I can't say there is anything much I am ever likely to send by email that is *that* sensitive, personally speaking (some communication in my professional life is another matter). Bank related stuff perhaps, but they have HTTPS based interfaces I can communicate with them through rather than email and that has the advantage of being more reliable too.
This may change, of course. I deal with banks in my day job (the staff training and competence areas, rather than the customer facing or actual money management areas) and over the last decade I've seen the use of good encryption go from not thought of (or even dismissed if I suggested it), to recommended, to required, for any communication of anything relatively sensitive (data with real staff member training records in, for testing or import into a new system, for instance), so maybe this is the start. Next would be for the banks to mandate and enforce encryption standards f
I pay for X Factor by fast-forwarding through ads...
You pay for X Factor through continuing mental degradation as a result of sitting through trash like X Factor. You'd be better off watching the ads and fast-forwarding through the rest.
I know it was meant as a joke, but moving to colder climates may not be such a bad idea. Moving to a northern country such as Canada or Norway, you would benefit from the colder outside temperature, in the winter, to keep the servers cool and then any heat produced could be funnelled to keeping nearby buildings warm.
There has been a fair bit of talk about building so-call "green" DCs in Iceland, where the lower overall temperatures reduce the need for cooling (meaning less energy used, lowering operational costs) and there is good potential for powering the things mainly with power obtained from geothermal sources.
There was also a study (I think it came out of Google) suggesting that load balancing over an international network, like Google's app engine or similar, be arranged so that when there is enough slack to make a difference more load is passed the DCs that are experiencing more wintery conditions than the others. It makes sense for applications where the extra latency of the server perhaps being the other side of the world some of the time isn't gonig to make much difference to the users.
It also highlights how stupid some people are if they think that installing an OS of a totally different version over the top of an old installation is a good idea. Only a complete newbie idiot with minimal knowledge of computers would actually think this is a good idea. That goes for all OSs - not just Windows.
I would concur with that from most Windows user's point of view, but it doesn't always hold.
I have had enough successes upgrading Debian based servers from woody to sarge to etch to lenny to consider it a fairly safe operation (by "fairly safe" I mean I'm happy to do it remotely, but only on machines that are not currently doing anything important - live services are moved elsewhere for a while until the new environment is considered ready and stable). I've only done a desktop upgrade twice, and while both occasions went well that is not many data points so I can't call it statistically relevant.
BUT, in every case the vast majority of the software on those machines came from the official repositories, with only a few odds and ends coming from the semi-official "backports" repos and a sprinkling of small things hand compile into/usr/whatever (or just living in/home/*). You average Windows home machine is in a state that is *nothing* like this because MS do not maintain the repo for all that software the users have installed, so you can't simply expect it all to go smoothly.
Having said all that, I still generally recommend an OS reinstall for a major upgrade even for home systems (for server use the new install option is a no-brainer anyway, as you will be wanting the new environment fully built and tested alongside the old one before migrating over) running Debian. If all your irreplaceable data is away from the system drives/partitions and properly backed up and you have all your install sets and product keys to hand you are not going to lose anything except a little time, and you get a much cleaner system (less all the collected cruft you forgot was even there on the old setup) out of it.
This probably wouldn't work well enough for graphics drivers though as they may need to be kept in much closer step with X and/or the kernel which would mean coordinating updates to those with nvidia's release schedule.
Perhaps the distributions that have "popularity" tracking (such as http://packages.ubuntu.com/jaunty/popularity-contest and http://packages.debian.org/lenny/popularity-contest) could derive some useful figures to pass on to the manufacturers. OK, only a subset of users have this installer & active and some of those won't have their sytem configured so it can send the mail messages needed, but there must be enough info to come up with an estimate of the number of people actively using (as opposed to "installed it to try and took it off later") the nvidia binary driver packages that you are happy is not astronomically wide of the mark.
Or move over to another F/OSS database. Postgres has outdone mysql for "enterprise" features for many years (anyone else remember mysql people telling you that transactions were something that should be handled outside the database?) with the exception of replication support, and sqlite reportedly outperforms it in its traditional market (few writes but many selects over simple but potentially large structures). There are other options out there. A fork would face the same problem these other options have: mysql, the "official" version where-ever that lives these days, has a large amount of market inertia.
(I'm not trying to grind an anti-mysql axe here, though I do prefer the other options myself depending on circumstances, just pointing out that a fork would only be any good to the market if enough people use it and getting that elusive "enough people" market share might not be easy)
So... why so long before boxes hit shelves? It seems very odd to me.
Basically: getting enough manufactured to cover initial demand and getting those units shipped to retailers. Many retailers might have had boxed copies in their warehouses weeks ago but they will have signed a deal saying they won't make them available until the official release date in order for the public release to be coordinated in all territories.
As well as accounting for manufacturing processes and regional shipment delays, they will have also allowed extra time for other unexpected extensions to these delays and other issues. There would also be a final test phase of the activation infrastructure to fit in too, to ensure it can cope with the sudden glut of activity on, and shortly after, release day.
There is also co-ordination with OEMs to consider. They would not be happy with retail copies going out before they had chance to update and test their offerings in time for release date - yes MS has them over a barrel to a certain extent so could tell them to go hang if it wanted to, but this isn't the right climate to be annoying major customers in. There are probably other marketing reasons to pick a coordinated date near, but not at, the end of the year too.
Releasing to MSDN subscribers is much easier. Most are download-only subscriptions now so just put the ISOs on subscriptions.msdn.microsoft.com and there is no need for physical anything never mind coordinated physical anything. For subscribers who still get disks that is just a plain DVD (and/or ISO files on a plain DVD) with no fancy hologram label and no box or other additional materials. It is not expected that developers have to wait for coordinated retail release, so there are no OEM concerns to worry about (in fact the OEMs would prefer developers to have early access - it will reduce problems and returns at their end of the market if there is less stuff out there with compatibility issues by release day).
Why should we be annoyed that it runs the top game of the year extra well?
Because it didn't run the game "extra well". Display quality suffered in places because of the changes made to improve frame rate in this particular cheat (the old ATI-cheating-at-quake-benchmarks example). Not a problem if you set a benchmark test running and come back later to see "42fps average" displayed on screen, but it is a problem if you buy the game based on reviews that quote those benchmarks and then expect to play the game with the visual quality the desginers intended.
In my opinion though, I hate games that level up with me. I like the thought of an area in a game that will kick my arse because I am clearly not ready and at the same time, being able to go back to an 'early' area and kick them about if need be.
I like the way many modern FPSs manage difficulty: set level but you can at your option change them mid-game.
I play most games at "normal" levels - I'm no expert gamer but nor am I new at it either (I say most: I did find DeadSpace a bit too easy on "normal" so restarted it on the harder setting), but I like the fact that if I've banged my head on an area to the point where I'm getting irritated (and may just start thinking about not bothering any further) I can tone down the difficulty to get past that one boss/room/whatever to see the rest of the plot without lpaying the rest of the game at "no real challenge" level. This make little or no difference for brain-required puzzles (I wouldn't want it to) and some timing challenges, but it does mean that hitting on super-hard boss (perhaps while not fully powered up yourself because of an earlier mistake), some other test of twitch reflex, doesn't mean you are simply stuck, have to "cheat" by other means (like a level skip, which could mean missing more content than just that battle), or have to backtrack or go back to a save from hours ago.
This way *I* get to choose the level of difficulty, depending on my ability, my mood (sometimes I want to be kicked and will get great satisfaction from eventually winning, sometimes I just want to gib zombies, and so on), and, sometimes, the specifics of the challenge at hand.
We have our backups offsite too. On externally hosted servers that we directly control in a heavily security vetted DC (some of our clients are banks who would demand nothing less even though the backups in question contain non of their operation data aside from emails containing project/spec/contract documents and such) rather than a "cloud" arrangement, but it would still take quite some time to draw the whole lot down over the connection we currently have.
But that isn't a problem because this has been planned for. There are many options to help out here:
Obviously we could find a better connection to download the data through (my home link is much better than the office link, thanks to geography) - if that office complex burns down then its connection is not going to be part of our set of problems
Most of the backup payload is not anything we are likely to need access to that day. While this doesn't reduce the time taken to get all of it back to local storage it does mean that day-to-day operations can restart very quickly and if something from the archives is needed before they are entirely brought down we have per-file access to the backups so people can grab groups of urgent files manually.
There is also another not-very-regularly-updated-but-non-the-less-it-exists offsite backup on external drives. Assuming that isn't in the office being updated at the time the office burns down, that would be most useful - we could update it form the "real" offsite backup using the wonderful rsync protocol to just transfer changes since it was last updated.
Really, if restoring from your backups is a major problem then you didn't plan your backup strategy well. And you probably didn't ever do a test restore before now either (otherwise you'd be prepared for the time/hassle rather than it surprising you) which earns you a "serves your right" slap on the wrists - a backup procedure that does not have a tested restore procedure is insufficient.
Yes, but your Ubuntu updates potentially cover a much wider range of software than Microsoft's updates. Ignoring the equivalent parts (kernel+drivers and related, OS level libraries, IIS/Apache if you run a web server, Office/OpenOffice,...) there are still all the other apps and utilities you have installed that get updates by the same mechanism.
130Mb is a bit large - my netbook picked up the same set this morning (actually, only ~120Mb in that case). The large size it due to the patching method: the same package is brought down for updates as new installs even if the change only affects, say, a few hundred Kb worth of a 10Mb package. This is something I'll like to see improved - most of OO.o was downloaded in these recent updates. Downloading package patches rather then whole packages would be a bonus at times when stuck on a slow heavily contended wireless connection for days. Though I can see it wouldn't be an easy improvement to properly design+implement+test+roll-out-to-all-repos, and might not be considered worth the effort compared to other work the man-time could be spent on - maybe I'll have a go when I win the lottery, I'll need something to occupy some time!
Adverts coming from an internet server? A quick fix to C:\Windows\System32\Drivers\etc\hosts should fix that...
I'm sure they've thought of that, and will have it check to see if the address found for the server name actually returns the right stuff and if not it'll try a short list of fixed IP addresses like WindowsUpdate does to avoid being redirected by DNS poisoning attacks.
If you have an outgoing firewall on the other hand (say, an iptables setup on your router or a third party firewall on the machine itself), some rules there would get rid of the adverts. Though maybe the apps would disable themselves if it wasn't able to contact the advert server(s) within a given amount of time... OK, that can be hacked out but once you start down that route you may as well pirate the full thing if you want it that badly without paying.
I would agree with you that it would be difficult to make good money on this as a career move, but he could possibly make a decent amount of extra income (on top of his day job) through doing custom jobs. He would have to charge above the odds to make each individual job it worth his while, but as he would be serving a small niche this wouldn't be unreasonable.
Of course he may be of the attitude that he does not want to take money for this, as it is his hobby and he might not want his hobby to become a chore (even if it is a chore that earns him money).
I don't know why he's making such a fuss about it all, he doesn't have to read all of it. OK the quizzes are a bit of a spam problem since facebook treats each of them differently so you can't just exclude them all in one go.
http://lite.facebook.com/ - not one single silly application, no quizzes, nothing. Not even updates on how my cousin's pretend farm is doing. Just the humorous shit (and the mundane shit, but sometimes it is actually nice to see people's mundane thoughts if only as evidence that they are still alive) that we post as messages/photos/videos.
If you are looking for a good "quick primer" on cryptography and cryptanalysis through recent history, Simon Singh's "Code Book" is a good read.
He talks about the people involved (what they were hiding, or why they wanted stuff unhiding) as much as the techniques in places and covers related areas like deciphering ancient languages - this helps the uninitiated reader develop a sense of how it all fits in with the rest of life and makes the book far less dry than other books with a similar goals.
There is an amount of technical detail as well too, enough for the interested reader to grasp the basics. You'll not pass any scientific qualifications using this one book, but after reading it you'll at least know what to look for by way of further reading.
Slashdot Mirror
Are there any particular features that you particularly want uTorrent for, or are you just wanting it because you are already familiar with it in a Winwos environment?
There are a great many Linux native clients you could chose from and while many are text based (which might not be your cup of tea), such as the excellent rtorrent which I tend to use, there are quite a few that are GUI based, of which deluge seems very popular, or are GUI wrappers for working with text based clients (there are several such wrappers for the basic clients, and for recent rtorrent versions too.
Some offer web-based interfaces too, which some find handy if they download to an external machine to reduce the impact on bandwidth quotas and traffic shaping that may be imposed by their ISP.
See this page for a list of clients that you might want to look into.
Maybe this is a pipe dream, but I'd like to see a social networking website where every object (post, movie, file) was considered an object, and each object had security ACLs, similar to how every filesystem object.
That would never get implemented as it would confuse the hell out of the common denominator. And you can't just ask the common denominator to not mess with it because if it is there they'll click around even if they don't know what it is, and then file an angry support mail asking why the system won't let Aunt Mable see their latest bady pictures.
And for my part, I'm paranoid enough not to have anything at all sensitive there.
The best strategy of all - Never post anything in a massively public system that you don't want to be public. :-)
"Not at all sensitive" == "I'm happy for it to be publicly known"
I actually have virtually nothing on there - I use it mainly for IM (as there are more people I know on there than any other system) and small offline messages (as I find email to be less reliable in some cases), and even then I'm careful what I send.
Oh, I know that. But even if they give out that access to their information I still don't feel I have the right to grant that access. Maybe one of these days some fool will put something sensitive there - f they do it won't be me that give access to the world at large.
And for my part, I'm paranoid enough not to have anything at all sensitive there. The only thing I have reservations about is the word "friend" linking me and one or two of my acquaintances (friends of friends and wayward family members) that I'm linked to on there!
Problem is that you don't need to give them your info. All your "friends" who take dumb-ass surveys like "Which Star Wars character are you?" are giving away your info for you.
Which is why I never let any app/quiz/anything have that access.
I know that all my contacts allow the access wily-nilly so their info is already pretty much "out there", and I know that there is nothing on there (including no links to people I don't want to be publicly linked to) I care about being made completely public (so I don't mind my contacts taking part). But I'm old fashioned enough to think that I have no right to give someone access to someone else's information despite the above.
I'll not diagree there. A phishing attempt might get hold of a private key and pass-phrase as easily as it would an account number and password. The humans are always the weakest link in any well designed system.
<hat material="tin foil">Yeah, because warrantless searches never happen.</hat>
Not that I care personally. The worst any officer of the law will find in my email is some bad taste jokes that might step over generally accepted lines and a few porn references, and if they are going to make something up they can do that without actually looking.
But mail encryption is about much more than law enforcement (I know we are straying away from the original article's point here - feel free to mod "off topic") - it is a much more general solution to potential privacy/secrecy issues both for individuals and commercial entities.
As a bit of an aside, does it matter if you try to make the data private via encryption?
There could be an interesting relationship here: If you claim (probably rightfully) that you own the copyright to the 'content' in question, and encrypt it, does this mean that it would be unlawful for anyone to try and decrypt it under the DMCA?
Yes (if the mail does not ever leave territories where the DMCA is officially respected). Even if you used something daft like ROT13. But we don't want to go lending credence to bad laws that way, and IIRC there are exceptions in that law (intended to pertain only to very specific law enforcement or national security activity, but which are no doubt easily bendable to justify even less desirable snooping too) that could render your copyright violation point officially irrelevant in a court of law (and completely irrelevant if the information has somehow become public anyway - depending on the sensitivity of the information it is likely that no end of legal action will rectify the damage done by its capture and release).
What if you host your own email server?
The mail still has to transit through the other party's mail server(s), and possibly a few hops in between any of which could potentially store, and later forward or try read, the data.
My pet concept is the job of key generation, trust, and management should be handled by banks. After all, we all trust the banks with our money already.
Who is this "we" of which you speak? I can tell you that I only "trust" banks with my money because the only other option (under my mattress where it could be lost due to fire or burglar) is less safe and would earn even less interest that way than it does already. Even though I don't have a lot of money (only my emergency fund, a couple of grand in other savings, and the general float that lives in an instant access current account) I've already started splitting what I have between banks in case of customer service issues (if one bank fucks up and I can't get at some cash when I need it, I've got some in the other current account to draw from until I bash heads together to get the problem sorted) or worse (bank goes under just when I need that emergency fund, I'm not stuck waiting for the government's capital guarantee plan to pay out before I can draw a penny unless all my banks go under at the same time).
Getting back on topic for a moment, you can cover this with a combination of public key encryption and some form of key/identity verification that doesn't rely on a bank. And this issue isn't really about key validation anyway, it is about ISP snooping. If I were to send a message to you encrypted with your public key, even though I can not be 100% sure the key came from you I can be pretty sure it didn't come from my ISP and probably almost as sure (depending on where I got the key from, of course) it didn't come from yours so the chance of my ISP or yours or someone in between having the private half needed to read the message is very small. And for circumstances where you need that extra verification that the key is valid for the individual and that the individual I am talking to is the one I think it is, well then you'd have to arrange some sort of key verification either physically, electronically (if we were both online at the same time, and convinced by some code or other means that we are the right people, we could setup a trusted secure link using an online key exchange protocol like Diffie-Hellman and verify our public keys to each other over that), or via a third party that we both already trust (or a potentially a short string of third parties). If I am paranoid enough to need to thoroughly verify your public key before using it to send something to you, I would be paranoid enough not to trust a central agency like a bank, especially your bank who I would probably trust less than I would trust one I already do business with.
The reason encrypted mail has not taken off is not the lack of central verification methods, it is the fact that it isn't completely seamless and the general public, even the business community, are not generally worried enough about these things (whether they should be or not) to care to make the slightest little bit of extra effort. And for the most part they are not wrong. I can't say there is anything much I am ever likely to send by email that is *that* sensitive, personally speaking (some communication in my professional life is another matter). Bank related stuff perhaps, but they have HTTPS based interfaces I can communicate with them through rather than email and that has the advantage of being more reliable too.
This may change, of course. I deal with banks in my day job (the staff training and competence areas, rather than the customer facing or actual money management areas) and over the last decade I've seen the use of good encryption go from not thought of (or even dismissed if I suggested it), to recommended, to required, for any communication of anything relatively sensitive (data with real staff member training records in, for testing or import into a new system, for instance), so maybe this is the start. Next would be for the banks to mandate and enforce encryption standards f
I pay for X Factor by fast-forwarding through ads...
You pay for X Factor through continuing mental degradation as a result of sitting through trash like X Factor. You'd be better off watching the ads and fast-forwarding through the rest.
I know it was meant as a joke, but moving to colder climates may not be such a bad idea. Moving to a northern country such as Canada or Norway, you would benefit from the colder outside temperature, in the winter, to keep the servers cool and then any heat produced could be funnelled to keeping nearby buildings warm.
There has been a fair bit of talk about building so-call "green" DCs in Iceland, where the lower overall temperatures reduce the need for cooling (meaning less energy used, lowering operational costs) and there is good potential for powering the things mainly with power obtained from geothermal sources.
There was also a study (I think it came out of Google) suggesting that load balancing over an international network, like Google's app engine or similar, be arranged so that when there is enough slack to make a difference more load is passed the DCs that are experiencing more wintery conditions than the others. It makes sense for applications where the extra latency of the server perhaps being the other side of the world some of the time isn't gonig to make much difference to the users.
It also highlights how stupid some people are if they think that installing an OS of a totally different version over the top of an old installation is a good idea. Only a complete newbie idiot with minimal knowledge of computers would actually think this is a good idea. That goes for all OSs - not just Windows.
I would concur with that from most Windows user's point of view, but it doesn't always hold.
I have had enough successes upgrading Debian based servers from woody to sarge to etch to lenny to consider it a fairly safe operation (by "fairly safe" I mean I'm happy to do it remotely, but only on machines that are not currently doing anything important - live services are moved elsewhere for a while until the new environment is considered ready and stable). I've only done a desktop upgrade twice, and while both occasions went well that is not many data points so I can't call it statistically relevant.
BUT, in every case the vast majority of the software on those machines came from the official repositories, with only a few odds and ends coming from the semi-official "backports" repos and a sprinkling of small things hand compile into /usr/whatever (or just living in /home/*). You average Windows home machine is in a state that is *nothing* like this because MS do not maintain the repo for all that software the users have installed, so you can't simply expect it all to go smoothly.
Having said all that, I still generally recommend an OS reinstall for a major upgrade even for home systems (for server use the new install option is a no-brainer anyway, as you will be wanting the new environment fully built and tested alongside the old one before migrating over) running Debian. If all your irreplaceable data is away from the system drives/partitions and properly backed up and you have all your install sets and product keys to hand you are not going to lose anything except a little time, and you get a much cleaner system (less all the collected cruft you forgot was even there on the old setup) out of it.
0.5 percent well if thats the only matrix they go by,then every distro should make you download it from there each time you install.
Dont include it any more.
This is how Flash is installed on Ubuntu, and presumably other distributions too. See their flash install package info: http://packages.ubuntu.com/jaunty/flashplugin-installer
This probably wouldn't work well enough for graphics drivers though as they may need to be kept in much closer step with X and/or the kernel which would mean coordinating updates to those with nvidia's release schedule.
Perhaps the distributions that have "popularity" tracking (such as http://packages.ubuntu.com/jaunty/popularity-contest and http://packages.debian.org/lenny/popularity-contest) could derive some useful figures to pass on to the manufacturers. OK, only a subset of users have this installer & active and some of those won't have their sytem configured so it can send the mail messages needed, but there must be enough info to come up with an estimate of the number of people actively using (as opposed to "installed it to try and took it off later") the nvidia binary driver packages that you are happy is not astronomically wide of the mark.
Or move over to another F/OSS database. Postgres has outdone mysql for "enterprise" features for many years (anyone else remember mysql people telling you that transactions were something that should be handled outside the database?) with the exception of replication support, and sqlite reportedly outperforms it in its traditional market (few writes but many selects over simple but potentially large structures). There are other options out there. A fork would face the same problem these other options have: mysql, the "official" version where-ever that lives these days, has a large amount of market inertia.
(I'm not trying to grind an anti-mysql axe here, though I do prefer the other options myself depending on circumstances, just pointing out that a fork would only be any good to the market if enough people use it and getting that elusive "enough people" market share might not be easy)
So... why so long before boxes hit shelves? It seems very odd to me.
Basically: getting enough manufactured to cover initial demand and getting those units shipped to retailers. Many retailers might have had boxed copies in their warehouses weeks ago but they will have signed a deal saying they won't make them available until the official release date in order for the public release to be coordinated in all territories.
As well as accounting for manufacturing processes and regional shipment delays, they will have also allowed extra time for other unexpected extensions to these delays and other issues. There would also be a final test phase of the activation infrastructure to fit in too, to ensure it can cope with the sudden glut of activity on, and shortly after, release day.
There is also co-ordination with OEMs to consider. They would not be happy with retail copies going out before they had chance to update and test their offerings in time for release date - yes MS has them over a barrel to a certain extent so could tell them to go hang if it wanted to, but this isn't the right climate to be annoying major customers in. There are probably other marketing reasons to pick a coordinated date near, but not at, the end of the year too.
Releasing to MSDN subscribers is much easier. Most are download-only subscriptions now so just put the ISOs on subscriptions.msdn.microsoft.com and there is no need for physical anything never mind coordinated physical anything. For subscribers who still get disks that is just a plain DVD (and/or ISO files on a plain DVD) with no fancy hologram label and no box or other additional materials. It is not expected that developers have to wait for coordinated retail release, so there are no OEM concerns to worry about (in fact the OEMs would prefer developers to have early access - it will reduce problems and returns at their end of the market if there is less stuff out there with compatibility issues by release day).
Why should we be annoyed that it runs the top game of the year extra well?
Because it didn't run the game "extra well". Display quality suffered in places because of the changes made to improve frame rate in this particular cheat (the old ATI-cheating-at-quake-benchmarks example). Not a problem if you set a benchmark test running and come back later to see "42fps average" displayed on screen, but it is a problem if you buy the game based on reviews that quote those benchmarks and then expect to play the game with the visual quality the desginers intended.
In my opinion though, I hate games that level up with me. I like the thought of an area in a game that will kick my arse because I am clearly not ready and at the same time, being able to go back to an 'early' area and kick them about if need be.
I like the way many modern FPSs manage difficulty: set level but you can at your option change them mid-game.
I play most games at "normal" levels - I'm no expert gamer but nor am I new at it either (I say most: I did find DeadSpace a bit too easy on "normal" so restarted it on the harder setting), but I like the fact that if I've banged my head on an area to the point where I'm getting irritated (and may just start thinking about not bothering any further) I can tone down the difficulty to get past that one boss/room/whatever to see the rest of the plot without lpaying the rest of the game at "no real challenge" level. This make little or no difference for brain-required puzzles (I wouldn't want it to) and some timing challenges, but it does mean that hitting on super-hard boss (perhaps while not fully powered up yourself because of an earlier mistake), some other test of twitch reflex, doesn't mean you are simply stuck, have to "cheat" by other means (like a level skip, which could mean missing more content than just that battle), or have to backtrack or go back to a save from hours ago.
This way *I* get to choose the level of difficulty, depending on my ability, my mood (sometimes I want to be kicked and will get great satisfaction from eventually winning, sometimes I just want to gib zombies, and so on), and, sometimes, the specifics of the challenge at hand.
We have our backups offsite too. On externally hosted servers that we directly control in a heavily security vetted DC (some of our clients are banks who would demand nothing less even though the backups in question contain non of their operation data aside from emails containing project/spec/contract documents and such) rather than a "cloud" arrangement, but it would still take quite some time to draw the whole lot down over the connection we currently have.
But that isn't a problem because this has been planned for. There are many options to help out here:
Really, if restoring from your backups is a major problem then you didn't plan your backup strategy well. And you probably didn't ever do a test restore before now either (otherwise you'd be prepared for the time/hassle rather than it surprising you) which earns you a "serves your right" slap on the wrists - a backup procedure that does not have a tested restore procedure is insufficient.
Yes, but your Ubuntu updates potentially cover a much wider range of software than Microsoft's updates. Ignoring the equivalent parts (kernel+drivers and related, OS level libraries, IIS/Apache if you run a web server, Office/OpenOffice, ...) there are still all the other apps and utilities you have installed that get updates by the same mechanism.
130Mb is a bit large - my netbook picked up the same set this morning (actually, only ~120Mb in that case). The large size it due to the patching method: the same package is brought down for updates as new installs even if the change only affects, say, a few hundred Kb worth of a 10Mb package. This is something I'll like to see improved - most of OO.o was downloaded in these recent updates. Downloading package patches rather then whole packages would be a bonus at times when stuck on a slow heavily contended wireless connection for days. Though I can see it wouldn't be an easy improvement to properly design+implement+test+roll-out-to-all-repos, and might not be considered worth the effort compared to other work the man-time could be spent on - maybe I'll have a go when I win the lottery, I'll need something to occupy some time!
Adverts coming from an internet server? A quick fix to C:\Windows\System32\Drivers\etc\hosts should fix that...
I'm sure they've thought of that, and will have it check to see if the address found for the server name actually returns the right stuff and if not it'll try a short list of fixed IP addresses like WindowsUpdate does to avoid being redirected by DNS poisoning attacks.
If you have an outgoing firewall on the other hand (say, an iptables setup on your router or a third party firewall on the machine itself), some rules there would get rid of the adverts. Though maybe the apps would disable themselves if it wasn't able to contact the advert server(s) within a given amount of time... OK, that can be hacked out but once you start down that route you may as well pirate the full thing if you want it that badly without paying.
I would agree with you that it would be difficult to make good money on this as a career move, but he could possibly make a decent amount of extra income (on top of his day job) through doing custom jobs. He would have to charge above the odds to make each individual job it worth his while, but as he would be serving a small niche this wouldn't be unreasonable.
Of course he may be of the attitude that he does not want to take money for this, as it is his hobby and he might not want his hobby to become a chore (even if it is a chore that earns him money).
I don't know why he's making such a fuss about it all, he doesn't have to read all of it. OK the quizzes are a bit of a spam problem since facebook treats each of them differently so you can't just exclude them all in one go.
http://lite.facebook.com/ - not one single silly application, no quizzes, nothing. Not even updates on how my cousin's pretend farm is doing. Just the humorous shit (and the mundane shit, but sometimes it is actually nice to see people's mundane thoughts if only as evidence that they are still alive) that we post as messages/photos/videos.
I no longer log into the full-fat version now.
what is wrong with giving a transcript as well?
Nothing wrong with it, but it does take time and effort.
If you are looking for a good "quick primer" on cryptography and cryptanalysis through recent history, Simon Singh's "Code Book" is a good read.
He talks about the people involved (what they were hiding, or why they wanted stuff unhiding) as much as the techniques in places and covers related areas like deciphering ancient languages - this helps the uninitiated reader develop a sense of how it all fits in with the rest of life and makes the book far less dry than other books with a similar goals.
There is an amount of technical detail as well too, enough for the interested reader to grasp the basics. You'll not pass any scientific qualifications using this one book, but after reading it you'll at least know what to look for by way of further reading.