The biggest difference between Spotlight and Google Desktop is that Spotlight is a desktop application, whereas Google Desktop is a web application that runs on your Mac and listens to port 4664. You access the search interface using your web browser.
Now, in theory, nobody else should be able to access the web application, because it is only supposed to listen to local requests. But maybe you've heard of this thing called Javascript, which also runs in your web browser, and can sometimes be used to access arbitrary sites.
So yeah, there is a difference. Spotlight doesn't potentially expose all the files on your computer to some script kiddie on the other side of the world.
Supply of feed corn and sugar cane, yes. MMMmmm, I sure do love me some sugar stew after a hard days work in the fields.
Global agribusiness has solved distribution problems... and *that's* the real problem. The mega-farmer who owns all the land grows cash crops, while his many employees slowly starve to death.
You're half right. Distribution is the problem, but not the way you think. Since it's so easy to distribute cash crops (sugar cane, corn) to developed countries, fewer food crops (beans, fruit, vegetables) that can be consumed locally are grown.
If everyone in the province is growing sugar or feed corn, where does your table food come from?
You write as if the price of overhead was written in stone.
Yes, revolution in the marketplace, thousands of storefronts vacant... until the market adjusts, rents get cheaper, and capable employees decide they would rather help people than machines. Do you really think it's cheaper to deliver a small box of crap to each and every door than it is to deliver a truckload of crap to a retail store?
I like the novelty of your idea for "retail cover charges" but I think you've overstated the advantages enjoyed by online sellers.
One thing I run up against in deploying web services for organizations is that in order to provide SSL for HTTP (without using some sort of NAT-like proxy) we need either a unique port or a unique IP address.
Now, the unique port thing works great for small organizations who connect via commercial ISPs. But for government organizations, or for those whose connection is provided by government organizations, byzantine firewall rules and mandatory HTTP proxies prevent them from connecting to anything other than port 443.
Some days I think it will be easier to implement IPv6 than to get city and state sysadmins to open high ports on their firewalls and HTTP proxies.
It takes a big PR budget to get numbers this good.
Expect to see stories about Google Apps *everywhere* for the next few weeks, while they work on making the made-up numbers and scenarios in this article a reality.
Or to put it another way, how long before they figure out that digital communication can be ruthlessly spoofed, and decide to ignore it altogether as a means of evidence?
Or perhaps they'll just make us all digitally sign our packets using the RFID chips implanted in our armpits at birth...
Sounds radical, but it's not. You just plain cannot tell who or what generated any given packet on a network. There's no fingerprint, or carbon dating, or scent for the bloodhounds. A forged packet looks, sounds, tastes, smells, and feels exactly like any other.
> Now, on the other hand, the possibility of spoofing dead man's letters from other people *does* sound promising.
Genius!
And with a disclaimer at the end: "I designed this system to only trigger in the event of my *actual* death. Anyone pretending to be me, and saying that I'm still alive, should be ignored."
Ask anyone over 35 about word processors (yes, I know we can't be trusted) and chances are they will pine for the old console version of WordPerfect. It used complex keyboard shortcuts for everything, it wasn't WYSIWYG, and yet real people used it to get real work done. Not just simple letters and term papers, but complex legal documents and screenplays.
Most importantly, non-technical users felt like they were in *complete control* while using it. That's quite something for a console app.
If you really want to capture the "hearts and minds" market for MS Office alternatives, you could do much worse than to bring the original WordPerfect interface back from the grave.
Fairly straightforward solution: don't allow mixed character sets. Your proposed domain name includes characters from two different alphabets, therefore it is illegal and un-registerable.
After seeing this presentation on OpenBSD's spamd, which profiles and greylists SMTP connections coming from botnets, I'm convinced of the need for HTTP POST greylisting.
Point is twofold: slow the bots down (or stop the dumb ones altogether) and block obvious botnets completely.
SMTP has the handy retry message. For HTTP, we would need to store the original POST request, and return a response with a 10-20 second meta-refresh to a confirmation url. Anonymous posters won't mind the wait, and the time window gives us time to watch for additional POSTs from the same ip, and blacklist them outright if they match a spammy profile.
Slashdot Mirror
Well it WAS going to be ZFS, but now they're going to use rdiff-backup instead.
Yeah, not actually seeing what the problem is here.
The guys who turn up their car stereos in my neighborhood don't pay royalties, even though plenty of people hear the music.
If you're not trying to make money off of someone else's work, and you're not trying to claim it as your own, who freekin' cares what you do with it?
Someday, in the future, a computer the size of a small room will be possible!
And it will be as powerful as today's most advanced videogames...
They're baffled? Really?
So you're saying the CEO isn't gonna want one of these things? Please.
Also, you don't write applications that run *on* the iPhone... you write web applications that run in the *browser* that runs on the iPhone.
I can't believe Gartner is this clueless... I think someone at Apple forgot to pay them to gush.
Wait, this is interesting. If I go buy a Mac Mini, wipe the hard drive, and install Windows, can I get a rebate for my unused OS X license?
And if not, how is this different from Linux users seeking rebates for the OEM Windows they don't use on their new PCs from DELL et al?
Point would be to buy the Mac now, sell back the Tiger license, and run Win or Lin until Leopard is released.
The biggest difference between Spotlight and Google Desktop is that Spotlight is a desktop application, whereas Google Desktop is a web application that runs on your Mac and listens to port 4664. You access the search interface using your web browser.
Now, in theory, nobody else should be able to access the web application, because it is only supposed to listen to local requests. But maybe you've heard of this thing called Javascript, which also runs in your web browser, and can sometimes be used to access arbitrary sites.
Yes, it's hard, and it requires the existence of other vulnerabilities. See Google Desktop Vulnerable to Anti-DNS Pinning for instance.
So yeah, there is a difference. Spotlight doesn't potentially expose all the files on your computer to some script kiddie on the other side of the world.
Supply of feed corn and sugar cane, yes. MMMmmm, I sure do love me some sugar stew after a hard days work in the fields.
Global agribusiness has solved distribution problems... and *that's* the real problem. The mega-farmer who owns all the land grows cash crops, while his many employees slowly starve to death.
You're half right. Distribution is the problem, but not the way you think. Since it's so easy to distribute cash crops (sugar cane, corn) to developed countries, fewer food crops (beans, fruit, vegetables) that can be consumed locally are grown.
If everyone in the province is growing sugar or feed corn, where does your table food come from?
You write as if the price of overhead was written in stone.
Yes, revolution in the marketplace, thousands of storefronts vacant... until the market adjusts, rents get cheaper, and capable employees decide they would rather help people than machines. Do you really think it's cheaper to deliver a small box of crap to each and every door than it is to deliver a truckload of crap to a retail store?
I like the novelty of your idea for "retail cover charges" but I think you've overstated the advantages enjoyed by online sellers.
Congratulations, you just invented the United States of America.
Clearly iPot, in the context of cell phone use, is not about storage so much as procurement.
Just in time delivery, shall we say?
Exactly. Like the difference between NiCad and NiMH rechargeable batteries.
These new-fangled ones sure do last longer! Very few people care why.
One thing I run up against in deploying web services for organizations is that in order to provide SSL for HTTP (without using some sort of NAT-like proxy) we need either a unique port or a unique IP address.
Now, the unique port thing works great for small organizations who connect via commercial ISPs. But for government organizations, or for those whose connection is provided by government organizations, byzantine firewall rules and mandatory HTTP proxies prevent them from connecting to anything other than port 443.
Some days I think it will be easier to implement IPv6 than to get city and state sysadmins to open high ports on their firewalls and HTTP proxies.
It takes a big PR budget to get numbers this good.
Expect to see stories about Google Apps *everywhere* for the next few weeks, while they work on making the made-up numbers and scenarios in this article a reality.
Exactly.
Or more to the point, where do you think the hum *goes* when you ground your amps?
Into the ground, of course!
Has he been running Vista in Parallels or something?
Or to put it another way, how long before they figure out that digital communication can be ruthlessly spoofed, and decide to ignore it altogether as a means of evidence?
Or perhaps they'll just make us all digitally sign our packets using the RFID chips implanted in our armpits at birth...
Sounds radical, but it's not. You just plain cannot tell who or what generated any given packet on a network. There's no fingerprint, or carbon dating, or scent for the bloodhounds. A forged packet looks, sounds, tastes, smells, and feels exactly like any other.
> Now, on the other hand, the possibility of spoofing dead man's letters from other people *does* sound promising.
Genius!
And with a disclaimer at the end: "I designed this system to only trigger in the event of my *actual* death. Anyone pretending to be me, and saying that I'm still alive, should be ignored."
> Moral: Build a better PlayStation and the American consumer will forgive all else.'"
Pretty sure that Americans who hold the NFL and Oprah in high esteem don't give a lick about where their next PlayStation is coming from...
Ask anyone over 35 about word processors (yes, I know we can't be trusted) and chances are they will pine for the old console version of WordPerfect. It used complex keyboard shortcuts for everything, it wasn't WYSIWYG, and yet real people used it to get real work done. Not just simple letters and term papers, but complex legal documents and screenplays.
Most importantly, non-technical users felt like they were in *complete control* while using it. That's quite something for a console app.
If you really want to capture the "hearts and minds" market for MS Office alternatives, you could do much worse than to bring the original WordPerfect interface back from the grave.
Or you could require all of the letters in a given sub-domain to be in the same alphabet.
This would allow [Japanese].PSP.[Japanese].jp without mixing character sets and setting us all up for phishing schemes.
Fairly straightforward solution: don't allow mixed character sets. Your proposed domain name includes characters from two different alphabets, therefore it is illegal and un-registerable.
See, that's not so bad, is it?
This post deserves Hall of Fame status. Nice.
I know what I'm saying now... thank gods I never have to go to Sun's ugly, confusing website ever again.
apt-get install java is excellent compensation for being wrong.
After seeing this presentation on OpenBSD's spamd, which profiles and greylists SMTP connections coming from botnets, I'm convinced of the need for HTTP POST greylisting.
Point is twofold: slow the bots down (or stop the dumb ones altogether) and block obvious botnets completely.
SMTP has the handy retry message. For HTTP, we would need to store the original POST request, and return a response with a 10-20 second meta-refresh to a confirmation url. Anonymous posters won't mind the wait, and the time window gives us time to watch for additional POSTs from the same ip, and blacklist them outright if they match a spammy profile.