It's bad enough apps like gtk chew on mem like a cowboy with some skoals
Not to be funny, but you must be pretty short on RAM to have to worry about gtk's memory usage. I'd suggest that it's probably time for an upgrade - RAM is cheap these days.
Easy. There are only really three ways to prevent something or someone from spidering your website without annoying real users:
* block their IP address(es) * block their user agent * put a line in your robots.txt file and *hope* they honour it
None of these methods are effective against someone who is determined to spider your site. For your purposes, though, you could just use a suitably-crafted wget session to download everything.
You can get more inventive, for example by displaying indistinct images of text and making users submit the word to continue, but there's very little that I can think of that would be effective and wouldn't inconvenience "real" users of your site.
If you're going.NET, C# code is more concise and usable than what appears to be legacy VB support.
Here's an anecdote for you: A few months ago, I decided to teach myself Managed DirectX and C#. Searching around the web, I found a nice little tutorial in the basics of DirectX, written in VB.NET.
So, I downloaded it, compiled it, and cofirmed that it ran correctly, before porting it to C#. Now, this was the first time I've ever used VB or any kind, other than a little VBScript a few years ago for some ASP work. It was also my first serious bit of C# code, although I've been a Java programmer for about 3.5 years. I concentrated on just getting the thing ported and running, ignoring (at the time) any optimisations of any kind.
According to the app's own frame rate counter, performance increased by a factor of 10 - literally, it went from 70fps to around 700.
in many ways C# is Java for Windows
Agreed. To me, it feels like someone sat down, implemented their favourite bits of Java, added in some other things they thought were cool, then hit a thesaurus and started finding synonyms for keywords and concepts...
unlike java, it is also seeing some real-world apps on the client as well
Well, perhaps you don't regard an IDE as a "real world" app, but Borland's (excellent, imho) JBuilder is written in Java. Two other Java apps I use from time to time are SQuireL, an SQL client, and JEdit, a "everything plus the kitchen sink" text editor.
it's interpreted, so you can incrementally build and test code
Unless your project is utterly huge or your machine really, really slow, there's no disadvantage to using a compiled language in this respect. (Even if your project is huge, it should be perfectly possible to organised it so that the bulk of it does not have to be recompiled every time.)
Incremental build-and-test is how I've *always* worked, and I pretty-much only use compiled languages.
There's no "pretty much" about it - you copy someone's copyrighted graphics, you've violated their copyright. The only things to establish in a case like that is whether or not you copied them, whether they're copyrighted, and whether you had permission.
RedHat supports thousands of separate applications along with the OS
Yes. All of which they have the source to, and all of which they choose to include in their distribution.
I take that to mean that they've looked at the code, and declared it safe to use, or at least as safe as they're willing to warranty it (which is not at all, iirc). If there's an exploit found in code that ships with a Linux distribution, then it's the distributor's responsibilty, imnho. I don't care if it's (c) RedHat or not.
The "are you sure you want to view these system folders" screen.
That also happens in Windows 2000, of course - and just as in 2k, the first time it happens, just click the "Show me the files" link and it never bothers you again.
The crippled search option until you change folder options to show "hidden" and system files.
Also true of 2k. Again, turn it off once, and it's gone.
The hiding of tray icons, some of the 'inactive' ones are pretty important.
Okay, that's new in XP - but again, you can turn it off if you don't like it, or set the individual important ones to "always show".
There are plenty of things to rail against Microsoft for, but easily-changed options and a GUI that you don't like because it's different aren't very good ones, imho.
but why oh why can't they put some of that money into making the phones work?
Well, it's a UK company that's doing this work, and over here, the phones *do* work. That was kind of the original poster's point.
I have a Nokia 3410 that I got free last year when I renewed my contract with my service provider, and with a few exceptions (eg on the Tube) I have perfect reception pretty-much everywhere I go. There are one or two places where I don't, because of local conditions, but they're few and far between and are almost never a problem.
From the sounds of it, your problem isn't with the 'phones, but with your providers' networks.
Rubbish. Mandrake, at least, runs a number of daemons by default if you install them (such as sshd), and warns you about this fact at install time. Depending on the exact choices you make while installing it, it's entirely possible to have half a dozen or more ports open.
The truth is most people don't care about the license just as long it is not to restrictive.
No. The truth is most people don't even read the licence, and wouldn't care what it said if they did.
They'd have the same attitude that they do to copying CDs, or speeding - "sure, *technically* it's illegal, but what're the chances of getting caught? And besides, they can't lock everyone up, can they?"
Linux will only replace Windows on the desktop when it's better in ways that end users care about, and all they care about is getting the job done.
Java provides everything that.Net provides, but in a platform neutral and sane manner
Java is not platform neutral. Java, the language, only *officially* runs on the JVM, the Java platform. This platform has been ported to a number of different hardware and operating system combinations, but it most certainly is not platform independent.
Note that I'm not bashing Java in anyway - it's been my primary programming language for about three years now.
Patents by their very nature always offensive, they prevent others from independently working even if they never harm you or your market in any way and you don't sue them.
Not so - the patent holder has to sue for violation of the patent. They can choose not to, and don't even risk losing the patent if they don't (as I understand it, I ANAL, etc).
If you want a defense then publish, don't patent
Let's say there are two companies, A and B, working in the same field. A patents everything, B publishes everything. Everything is fine, until one day B (perhaps unwittingly) violates one of A's patents. A makes demands that they pay a licence fee or stop. Now B has no choice but to comply - they cannot reply to A by saying "Ah, but *you* are violating *this* patent of ours, so let's call it quits, shall we?".
Publishing your work only protects you from others patenting it, it doesn't protect from violating another's patents, and that's the problem. As long as one company in a given field registers patents, they all must.
1) Create an account 2) Go to your preferences page 3) Go to the "Homepage" page 4) Check the box next to "michael" in the "authors" list 5) Scroll down to the bottom of the page and hit the "Save" button 6) Enjoy a Michael-free slashdot
Of course, I doubt you'll get as far as step 1), but hey...
Well, if the app scans the local network for other copies of itself with the same serial number, surely those other copies would have to be running at the time?
Isn't that exactly what you want - essentially, a floating single-user licence for the software. Try to run two copies at once, it bitches, but run one at a time and it's fine.
You can't ask for a licensing fee under the GPL, but as the copyright owner, you're free to license the code to individuals/companies under a different licence, including asking for money.
Of course, if they want to, they can just get a GPLed copy from anyone, and be bound by it - the seperate licence thing is only really of any use to someone wanting to incorporate the code into proprietary software, etc.
Many ISPs already filter the standard windows NetBIOS ports (137-139, i think) because of possible attacks.
I see that as a good thing. What possible reason is there to have file and printer sharing open to the internet?
True, it shouldn't be the responsibility of the ISP, and no, I'm not exactly happy with the thought of port filtering becoming common place and extending to other ports (ftp, ssh, http, etc - after all, "it's a home connection, you shouldn't be running servers..."). As an interim measure, though, it at least does help to contain the problem.
If people don't start taking their own computer's security seriously
I think you have that wrong. People do take their computer's security seriously, they just don't know enough about it. They also, largely, expect to be able to just switch their computer on, and have it work, like everything else they use. TV, video, dvd, microwave, car, central heating - they're all made, installed or set up once, and then just work. If they break down, they're replaced, or a qualified engineer is called to fix them.
People aren't yet used to the idea that computers don't quite act like that. You and I may have been working closely with them for years, but most "ordinary" people haven't. So, they expect them to require the same amount of effort as everything else they use.
I think that PC manufacturers could go a long way to helping here - shipping with firewalls and virus scanners preinstalled and configured. Perhaps have a couple of big, impossible to miss buttons on the desktop - "click here if this machine is connecting directly to the internet", "click here if this machine will not connect to the internet, or will connect via another machine on the network", "click here if you don't know what that means", that configures the machine appropriately for its role. That way, the gateway can be secured, while the rest of the network can share files and printers. No, that's not a foolproof plan, but I think it would go a long way to helping solve the problem.
Don't just bitch and moan at the "clueless, irresponsible" users - teach them to know better, and help them while they're learning.
The worse thing is that every incident like this is just another piece of ammunition for the pro-DRM companies.
How does DRM prevent me from writing a worm? I think you mean trusted computing/palladium. Even then, though, I fail to see how it will prevent worm and virus writers.
In order to be able to write my own software, there must be the provision to run untrusted code - they cannot shutdown an entire industry (shareware/freeware) simply to try to stop viruses. Therefore, the only practical effect I can see is that it'll be like installing an unsigned driver on 2k/XP. When you run the code, a dialogue box will pop up, warning you that it's not trusted and asking if you're sure that you want to proceed. Then it just becomes an exercise in social engineering, to get people to click "yes". They're already practising that, in order to get people to open the attachment in the first place; I don't see that being much of a barrier.
Microsoft has a much, much better option for helping secure their users' computers though - they already ship with a basic firewall, and have recently bought an AV company. Turning the firewall on by default for any machine that is setup as a gateway (as selected in the "home and office networking" setup wizard), and shipping the AV software, on by default and auto-updating, would do a lot to prevent this sort of thing.
Also I noticed that MS is including driver updates in the critical updates as well (nVidia driver).
That is incorrect. My work machine and two of the machines I have at home run XP and have nVidia-based cards in them, and I've not seen nVidia driver updates offered as critical updates on any of them. They're offered in the driver update section, but that is not offered by the AutomaticUpdates tool - that only offers critical updates. Driver updates are also not selected by deafult in Windows Update, you have to click on the "Driver Updates" link on the left, then select the individual drivers to install.
In short, in my experience, based on these three machines, there is no way to accidently or automatically install a driver update.
It's bad enough apps like gtk chew on mem like a cowboy with some skoals
Not to be funny, but you must be pretty short on RAM to have to worry about gtk's memory usage. I'd suggest that it's probably time for an upgrade - RAM is cheap these days.
Easy. There are only really three ways to prevent something or someone from spidering your website without annoying real users:
* block their IP address(es)
* block their user agent
* put a line in your robots.txt file and *hope* they honour it
None of these methods are effective against someone who is determined to spider your site. For your purposes, though, you could just use a suitably-crafted wget session to download everything.
You can get more inventive, for example by displaying indistinct images of text and making users submit the word to continue, but there's very little that I can think of that would be effective and wouldn't inconvenience "real" users of your site.
If you're going .NET, C# code is more concise and usable than what appears to be legacy VB support.
Here's an anecdote for you: A few months ago, I decided to teach myself Managed DirectX and C#. Searching around the web, I found a nice little tutorial in the basics of DirectX, written in VB.NET.
So, I downloaded it, compiled it, and cofirmed that it ran correctly, before porting it to C#. Now, this was the first time I've ever used VB or any kind, other than a little VBScript a few years ago for some ASP work. It was also my first serious bit of C# code, although I've been a Java programmer for about 3.5 years. I concentrated on just getting the thing ported and running, ignoring (at the time) any optimisations of any kind.
According to the app's own frame rate counter, performance increased by a factor of 10 - literally, it went from 70fps to around 700.
in many ways C# is Java for Windows
Agreed. To me, it feels like someone sat down, implemented their favourite bits of Java, added in some other things they thought were cool, then hit a thesaurus and started finding synonyms for keywords and concepts...
Yes, it is - he reacted to the guy's sig. That's reactive by definition, whether the sig is bullshit or not.
unlike java, it is also seeing some real-world apps on the client as well
Well, perhaps you don't regard an IDE as a "real world" app, but Borland's (excellent, imho) JBuilder is written in Java. Two other Java apps I use from time to time are SQuireL, an SQL client, and JEdit, a "everything plus the kitchen sink" text editor.
it's interpreted, so you can incrementally build and test code
Unless your project is utterly huge or your machine really, really slow, there's no disadvantage to using a compiled language in this respect. (Even if your project is huge, it should be perfectly possible to organised it so that the bulk of it does not have to be recompiled every time.)
Incremental build-and-test is how I've *always* worked, and I pretty-much only use compiled languages.
which is pretty much copyright violation
There's no "pretty much" about it - you copy someone's copyrighted graphics, you've violated their copyright. The only things to establish in a case like that is whether or not you copied them, whether they're copyrighted, and whether you had permission.
No it isn't, it's just a different name. It's not the name itself that's hurtful, so much as the intent behind it.
YOU DON'T PUT A F*CKING WEBSERVER IN THE KERNEL
You mean like the Linux kernel patch to put http-serving in the kernel?
RedHat supports thousands of separate applications along with the OS
Yes. All of which they have the source to, and all of which they choose to include in their distribution.
I take that to mean that they've looked at the code, and declared it safe to use, or at least as safe as they're willing to warranty it (which is not at all, iirc). If there's an exploit found in code that ships with a Linux distribution, then it's the distributor's responsibilty, imnho. I don't care if it's (c) RedHat or not.
The "are you sure you want to view these system folders" screen.
That also happens in Windows 2000, of course - and just as in 2k, the first time it happens, just click the "Show me the files" link and it never bothers you again.
The crippled search option until you change folder options to show "hidden" and system files.
Also true of 2k. Again, turn it off once, and it's gone.
The hiding of tray icons, some of the 'inactive' ones are pretty important.
Okay, that's new in XP - but again, you can turn it off if you don't like it, or set the individual important ones to "always show".
There are plenty of things to rail against Microsoft for, but easily-changed options and a GUI that you don't like because it's different aren't very good ones, imho.
but why oh why can't they put some of that money into making the phones work?
Well, it's a UK company that's doing this work, and over here, the phones *do* work. That was kind of the original poster's point.
I have a Nokia 3410 that I got free last year when I renewed my contract with my service provider, and with a few exceptions (eg on the Tube) I have perfect reception pretty-much everywhere I go. There are one or two places where I don't, because of local conditions, but they're few and far between and are almost never a problem.
From the sounds of it, your problem isn't with the 'phones, but with your providers' networks.
Linux and OS X ship with zero ports open.
Rubbish. Mandrake, at least, runs a number of daemons by default if you install them (such as sshd), and warns you about this fact at install time. Depending on the exact choices you make while installing it, it's entirely possible to have half a dozen or more ports open.
The truth is most people don't care about the license just as long it is not to restrictive.
No. The truth is most people don't even read the licence, and wouldn't care what it said if they did.
They'd have the same attitude that they do to copying CDs, or speeding - "sure, *technically* it's illegal, but what're the chances of getting caught? And besides, they can't lock everyone up, can they?"
Linux will only replace Windows on the desktop when it's better in ways that end users care about, and all they care about is getting the job done.
Java provides everything that .Net provides, but in a platform neutral and sane manner
Java is not platform neutral. Java, the language, only *officially* runs on the JVM, the Java platform. This platform has been ported to a number of different hardware and operating system combinations, but it most certainly is not platform independent.
Note that I'm not bashing Java in anyway - it's been my primary programming language for about three years now.
Patents by their very nature always offensive, they prevent others from independently working even if they never harm you or your market in any way and you don't sue them.
Not so - the patent holder has to sue for violation of the patent. They can choose not to, and don't even risk losing the patent if they don't (as I understand it, I ANAL, etc).
If you want a defense then publish, don't patent
Let's say there are two companies, A and B, working in the same field. A patents everything, B publishes everything. Everything is fine, until one day B (perhaps unwittingly) violates one of A's patents. A makes demands that they pay a licence fee or stop. Now B has no choice but to comply - they cannot reply to A by saying "Ah, but *you* are violating *this* patent of ours, so let's call it quits, shall we?".
Publishing your work only protects you from others patenting it, it doesn't protect from violating another's patents, and that's the problem. As long as one company in a given field registers patents, they all must.
It's new-ish; I don't check the site that regularly, but I'm pretty sure that the FreeBSD drivers have been there for only 6 months or so.
The reason MS is being accused is not just because their software is insecure, but because they shipped it KNOWING it was insecure.
Would you care to prove that?
How to get rid of Michael:
1) Create an account
2) Go to your preferences page
3) Go to the "Homepage" page
4) Check the box next to "michael" in the "authors" list
5) Scroll down to the bottom of the page and hit the "Save" button
6) Enjoy a Michael-free slashdot
Of course, I doubt you'll get as far as step 1), but hey...
Well, if the app scans the local network for other copies of itself with the same serial number, surely those other copies would have to be running at the time?
Isn't that exactly what you want - essentially, a floating single-user licence for the software. Try to run two copies at once, it bitches, but run one at a time and it's fine.
yes they actually say they don't guarantee it's suitable for ANY purpose
And similar language exists in the GPL, and in fact, in pretty much every software licence I've ever read.
It's very common practice. So what's your point?
You can't ask for a licensing fee under the GPL, but as the copyright owner, you're free to license the code to individuals/companies under a different licence, including asking for money.
Of course, if they want to, they can just get a GPLed copy from anyone, and be bound by it - the seperate licence thing is only really of any use to someone wanting to incorporate the code into proprietary software, etc.
Many ISPs already filter the standard windows NetBIOS ports (137-139, i think) because of possible attacks.
I see that as a good thing. What possible reason is there to have file and printer sharing open to the internet?
True, it shouldn't be the responsibility of the ISP, and no, I'm not exactly happy with the thought of port filtering becoming common place and extending to other ports (ftp, ssh, http, etc - after all, "it's a home connection, you shouldn't be running servers..."). As an interim measure, though, it at least does help to contain the problem.
If people don't start taking their own computer's security seriously
I think you have that wrong. People do take their computer's security seriously, they just don't know enough about it. They also, largely, expect to be able to just switch their computer on, and have it work, like everything else they use. TV, video, dvd, microwave, car, central heating - they're all made, installed or set up once, and then just work. If they break down, they're replaced, or a qualified engineer is called to fix them.
People aren't yet used to the idea that computers don't quite act like that. You and I may have been working closely with them for years, but most "ordinary" people haven't. So, they expect them to require the same amount of effort as everything else they use.
I think that PC manufacturers could go a long way to helping here - shipping with firewalls and virus scanners preinstalled and configured. Perhaps have a couple of big, impossible to miss buttons on the desktop - "click here if this machine is connecting directly to the internet", "click here if this machine will not connect to the internet, or will connect via another machine on the network", "click here if you don't know what that means", that configures the machine appropriately for its role. That way, the gateway can be secured, while the rest of the network can share files and printers. No, that's not a foolproof plan, but I think it would go a long way to helping solve the problem.
Don't just bitch and moan at the "clueless, irresponsible" users - teach them to know better, and help them while they're learning.
The worse thing is that every incident like this is just another piece of ammunition for the pro-DRM companies.
How does DRM prevent me from writing a worm? I think you mean trusted computing/palladium. Even then, though, I fail to see how it will prevent worm and virus writers.
In order to be able to write my own software, there must be the provision to run untrusted code - they cannot shutdown an entire industry (shareware/freeware) simply to try to stop viruses. Therefore, the only practical effect I can see is that it'll be like installing an unsigned driver on 2k/XP. When you run the code, a dialogue box will pop up, warning you that it's not trusted and asking if you're sure that you want to proceed. Then it just becomes an exercise in social engineering, to get people to click "yes". They're already practising that, in order to get people to open the attachment in the first place; I don't see that being much of a barrier.
Microsoft has a much, much better option for helping secure their users' computers though - they already ship with a basic firewall, and have recently bought an AV company. Turning the firewall on by default for any machine that is setup as a gateway (as selected in the "home and office networking" setup wizard), and shipping the AV software, on by default and auto-updating, would do a lot to prevent this sort of thing.
Also I noticed that MS is including driver updates in the critical updates as well (nVidia driver).
That is incorrect. My work machine and two of the machines I have at home run XP and have nVidia-based cards in them, and I've not seen nVidia driver updates offered as critical updates on any of them. They're offered in the driver update section, but that is not offered by the AutomaticUpdates tool - that only offers critical updates. Driver updates are also not selected by deafult in Windows Update, you have to click on the "Driver Updates" link on the left, then select the individual drivers to install.
In short, in my experience, based on these three machines, there is no way to accidently or automatically install a driver update.