Looking at assembly code tells you very little about how modern software systems work. Any more than sheet metal fabrication tells you how an airplane works. Ever hear the expression "can't see the forest for the trees?" With assembly language, you're focusing on the individual leaves!
Since you have a TARDIS, would you mind dropping by 1970 London and grabbing the famous missing tapes? (Hey, now we know what happened to them!) And while you're at it, you should probably acquire a compatible deck!
The big problem with your concept is that joeblow.cheapISP.com is only good until cheapISP.com goes tits-up -- then Joe Blow not only has to find new hosting, he ALSO has to retrain his entire audience to go to joeblow.newISP.com
And for the typical vanity site, that's not exactly a big deal. You just have to tell the 20 or so people who access the site that the URL has changed!
Second, not all noncommercial domains are "vanity domains". Many are very useful to their owners and site-visitors, as a means of sorting out content by type and/or topic.
And if such a domain is useful to a large number of people, $100 is not an unreasonable price to pay for it.
The real cure wouldn't be to raise the price of the ordinary domain out of the average person's reach -- that's just elitist crap.
The average person can't afford $100 a year? Jeez, the economy's in worse shape than I thought!
Seriously, though, nobody who's running a non-vanity web site is going to balk at an extra $100 a year. Consider that even the cheapest DSL service costs about twice that per year. (Nobody can manage a serious web site using dialup!) And then there's hosting: the minimum you can expect to spend (assuming you just want to host a few static pages) is $60 a year. Real shared hosting (with CGI and databases) costs about $200 a year.
But if you really have thousands of people accessing your web site, you probably need to get a dedicated server. Minimum cost: $2K a year.
So, somebody's spending thousands of bucks to keep their web site up, yet you say it's "elitist" to make them spend $100 for the domain name. Grow up.
No, the real cure would be to prohibit registrars from holding/reselling any domains (including by their subsidiaries and partners) that they aren't actually using for their own business.
Ah, the class 90s disconnect: only evil socialists take money from people, but spending money you don't have is perfectly cool. You don't want to charge more than token fees for domains, but you want to spend huge sums enforcing rules as to how those domains can be used.
I tried initiating the transfer through GoDaddy's management tools (which seem to be really geared towards domain squatting, btw)
Well, duh. That's what happens when you make domain registration an open market. Registration is not a complicated product, so the only way vendors can compete is price. The natural result is a service like GoDaddy which charges a few bucks for a single registration, and provides a corresponding level of service. And why is it news that they facilitate domain squatting? They (and a lot of other registrars) have been advertising cheap bulk registrations for years. And why shouldn't they? If we say, "Compete any way you can", this is the natural result.
If it were up to me, we'd go back to one having one registrar that charges $35/year for every second-level domain. No, better yet, raise it to $100 a year. Allow the registrar a reasonable profit, and put the rest of the money into something useful: research, or bridging the digital divide.
Shazam! No more domain squatting. It's not longer profitable. And that single registrar has every incentive to provide good service: if they don't, they lose their cash cow.
"No way! Why should I have to pay that much for my personal domain name??!!" Hey, if a vanity web site is that important to you, you should shell out. If not, get a third-level domain. When a web site contains nothing but family photos and rants about gun control, nobody cares whether its on JoeBlow.com or JoeBlow.CheapISP.com.
But of course that's never going to happen: ICANN couldn't possibly stand up to all the whinning that would result. So we're stuck with the current situation, and there's no use complaining about companies like GoDaddy. So you're just going to have to live with domain squatting. And remember that when it comes to registering your domain, you get what you pay for.
... there is real mass transit so that companies don't have to invest money in doing this for themselves.
Amen to that. Alas, Americans think mass transit is evil.
How long before Google gets together with some of the other tech companies in the area to run a shared service?
Lots of SV companies sponsor shuttles, either jointly or on their own. Google's is the first one I've heard of that is so popular. The other shuttles are less ambitious; mostly they bridge the gap between the local train station and the workplace. Only a small percentage of the employees use them.
Why is Google's shuttle program so much more popular? Probably because they can afford to throw a lot of money at the problem. Providing decent transit in a sprawl is expensive. It takes a lot of vehicles to cover all those little neighborhoods. Google can afford it, but most other companies cannot.
And even a company that's rolling in dough is not likely to spend that kind of money on perks. If they did, they'd take heat from their shareholders for not "controlling costs". Google is exempt from that problem because because they've managed to lock out their Class B shareholders from any effective voice in the company.
Dude, blaming politicians for stupid laws is like blaming sewer workers for shit. People want the government to do all kinds of stupid stuff. Politicians are just pandering to that.
Let me guess: you're a Republican, right? Keeping the system safe is less important than allowing the sysadmin to demonstrate his Moral Fiber. Jeees-us!
Telnet is an obsolete protocol that nobody needs. If you want to show your "responsibility", take the trouble to learn how to use SSH. Or if you must use telnet, live with the fact that OS vendors are going to make you turn it on, instead of leaving an insecure protocol enabled by default.
Having telnet enabled initially makes it easy to setup the system from another location without worrying about making ssh or anything else work.
So the convenience of the admin is more important than the security of the system? Your logic is the reason security is such a problem. Besides, what's the big deal in "making ssh work"? I've never had any trouble.
Incidentally, Solaris 11 will be shipped with all unnecessary services (including telnet) disabled by default.
Subscriptions and purchases don't even begin to cover the cost of publishing a mass-circulation newspaper or magazine. Their role as a revenue stream is actually less important the audit trail they create, which helps convince advertisers that their ads are being seen by the right people.
Typical Slashdotter provincialism. In the real world, "No one I know" != "No one". And I'm guessing you don't run a data center or anything like that. Probably the fanciest system you've ever seen is your big brother's game machine.
Putting ease of use ahead of security is hardly unique to Sun. Actually, this kind of thing isn't even an ease of use issue. Somebody gets a customer complaint, they see a fix, and they implement it without thinking through the security implications. Happens every day — usually several times.
As Zed Shaw [zedshaw.com] says, "if you're ssh'ing in to your servers more than once a week, you haven't automated things enough."
Dude, many data centers have thousands of servers. Sun itself sells a blade system that puts 20 servers in a single rack. In that kind of environment, if you ever ssh into your systems, you haven't automated things enough!
Yeah, that was my response when I first heard of this bug/exploit. But the real question is, should systems be shiped with telnet enabled? Obviously the answer is "no", but vendors seem to be slow to get this message.
And note that this worm is enabled by a bug in Solaris's implementation of telnet, not by telnet itself. A similar bug in ssh would have had the same effect.
Oh, great, you want to go after all the people who "let" their computers get infested. No problem getting that law passed!
Looking at assembly code tells you very little about how modern software systems work. Any more than sheet metal fabrication tells you how an airplane works. Ever hear the expression "can't see the forest for the trees?" With assembly language, you're focusing on the individual leaves!
Since you have a TARDIS, would you mind dropping by 1970 London and grabbing the famous missing tapes? (Hey, now we know what happened to them!) And while you're at it, you should probably acquire a compatible deck!
Are you suggesting that the U.S. isn't the center of the universe? That's Un-American!
Spam free?
The average person can't afford $100 a year? Jeez, the economy's in worse shape than I thought!
Seriously, though, nobody who's running a non-vanity web site is going to balk at an extra $100 a year. Consider that even the cheapest DSL service costs about twice that per year. (Nobody can manage a serious web site using dialup!) And then there's hosting: the minimum you can expect to spend (assuming you just want to host a few static pages) is $60 a year. Real shared hosting (with CGI and databases) costs about $200 a year.
But if you really have thousands of people accessing your web site, you probably need to get a dedicated server. Minimum cost: $2K a year.
So, somebody's spending thousands of bucks to keep their web site up, yet you say it's "elitist" to make them spend $100 for the domain name. Grow up.
Ah, the class 90s disconnect: only evil socialists take money from people, but spending money you don't have is perfectly cool. You don't want to charge more than token fees for domains, but you want to spend huge sums enforcing rules as to how those domains can be used.
Oh, right, you want it to be really cheap to register domains, but you don't like squatters. Can't have it both ways, dude.
Well, duh. That's what happens when you make domain registration an open market. Registration is not a complicated product, so the only way vendors can compete is price. The natural result is a service like GoDaddy which charges a few bucks for a single registration, and provides a corresponding level of service. And why is it news that they facilitate domain squatting? They (and a lot of other registrars) have been advertising cheap bulk registrations for years. And why shouldn't they? If we say, "Compete any way you can", this is the natural result.
If it were up to me, we'd go back to one having one registrar that charges $35/year for every second-level domain. No, better yet, raise it to $100 a year. Allow the registrar a reasonable profit, and put the rest of the money into something useful: research, or bridging the digital divide.
Shazam! No more domain squatting. It's not longer profitable. And that single registrar has every incentive to provide good service: if they don't, they lose their cash cow.
"No way! Why should I have to pay that much for my personal domain name??!!" Hey, if a vanity web site is that important to you, you should shell out. If not, get a third-level domain. When a web site contains nothing but family photos and rants about gun control, nobody cares whether its on JoeBlow.com or JoeBlow.CheapISP.com.
But of course that's never going to happen: ICANN couldn't possibly stand up to all the whinning that would result. So we're stuck with the current situation, and there's no use complaining about companies like GoDaddy. So you're just going to have to live with domain squatting. And remember that when it comes to registering your domain, you get what you pay for.
Ebay doesn't have a huge percentage of its employees using its shuttle service.
Amen to that. Alas, Americans think mass transit is evil.
Lots of SV companies sponsor shuttles, either jointly or on their own. Google's is the first one I've heard of that is so popular. The other shuttles are less ambitious; mostly they bridge the gap between the local train station and the workplace. Only a small percentage of the employees use them.
Why is Google's shuttle program so much more popular? Probably because they can afford to throw a lot of money at the problem. Providing decent transit in a sprawl is expensive. It takes a lot of vehicles to cover all those little neighborhoods. Google can afford it, but most other companies cannot.
And even a company that's rolling in dough is not likely to spend that kind of money on perks. If they did, they'd take heat from their shareholders for not "controlling costs". Google is exempt from that problem because because they've managed to lock out their Class B shareholders from any effective voice in the company.
Firebug and Colourzilla sound interesting. But what's the point of measureit? Relying on fixed-size elements is a bad practice.
Dude, blaming politicians for stupid laws is like blaming sewer workers for shit. People want the government to do all kinds of stupid stuff. Politicians are just pandering to that.
Telnet is an obsolete protocol that nobody needs. If you want to show your "responsibility", take the trouble to learn how to use SSH. Or if you must use telnet, live with the fact that OS vendors are going to make you turn it on, instead of leaving an insecure protocol enabled by default.
Virus and rootkit support counts as feature creep, not usability!
So the convenience of the admin is more important than the security of the system? Your logic is the reason security is such a problem. Besides, what's the big deal in "making ssh work"? I've never had any trouble.
Incidentally, Solaris 11 will be shipped with all unnecessary services (including telnet) disabled by default.
Subscriptions and purchases don't even begin to cover the cost of publishing a mass-circulation newspaper or magazine. Their role as a revenue stream is actually less important the audit trail they create, which helps convince advertisers that their ads are being seen by the right people.
Oops. You're quite correct. Though it should be noted that each of the blades in the system I mentioned is much more powerful than any 1U system.
Since when was Microsoft known for usability?
Typical Slashdotter provincialism. In the real world, "No one I know" != "No one". And I'm guessing you don't run a data center or anything like that. Probably the fanciest system you've ever seen is your big brother's game machine.
Putting ease of use ahead of security is hardly unique to Sun. Actually, this kind of thing isn't even an ease of use issue. Somebody gets a customer complaint, they see a fix, and they implement it without thinking through the security implications. Happens every day — usually several times.
No, the real question is: should I pay attention to a post stating the obvious?
Dude, many data centers have thousands of servers. Sun itself sells a blade system that puts 20 servers in a single rack. In that kind of environment, if you ever ssh into your systems, you haven't automated things enough!
Yeah, that was my response when I first heard of this bug/exploit. But the real question is, should systems be shiped with telnet enabled? Obviously the answer is "no", but vendors seem to be slow to get this message.
And note that this worm is enabled by a bug in Solaris's implementation of telnet, not by telnet itself. A similar bug in ssh would have had the same effect.